Erlang/OTP 26.2.5.12

This release of Erlang/OTP can be built from source or installed using pre-built packages for your OS or third-party tools (such as kerl, asdf or mise).

docker run -it erlang:26.2.5.12
Erlang/OTP 26.2.5.12
View on github.com
Patch Package OTP 26.2.5.12
Git Tag OTP-26.2.5.12
Date 2025-05-08
Issue Id
CVE-2025-46712
ERIERL-1220
System OTP
Release 26
Application

compiler-8.4.3.3 #

The compiler-8.4.3.3 application can be applied independently of other applications on a full OTP 26 installation.

OTP-19600
Application(s):
compiler
Related Id(s):
GH-9715 , PR-9737

Fix a bug where unloaded nifs can crash the compiler.

Full runtime dependencies of compiler-8.4.3.3: crypto-5.1, erts-13.0, kernel-8.4, stdlib-5.0

erts-14.2.5.10 #

The erts-14.2.5.10 application can be applied independently of other applications on a full OTP 26 installation.

OTP-19577
Application(s):
erts
Related Id(s):
ERIERL-1220 , PR-9696

Fixed an emulator crash when setting an error_handler module that was not yet loaded.

OTP-19599
Application(s):
erts
Related Id(s):
PR-9724

Fixed a rare bug that could cause an emulator crash after unloading a module or erasing a persistent_term.

Full runtime dependencies of erts-14.2.5.10: kernel-9.0, sasl-3.3, stdlib-4.1

kernel-9.2.4.8 #

The kernel-9.2.4.8 application can be applied independently of other applications on a full OTP 26 installation.

OTP-19605
Application(s):
kernel
Related Id(s):
GH-9720 , PR-9765

With this change, disk_log will not crash when using chunk_step/3 after log size was decreased.

OTP-19608
Application(s):
kernel
Related Id(s):
GH-9707 , PR-9767

With this change, disk_log will not run into infinite loop when using chunk/2,3 after log size was decreased.

Full runtime dependencies of kernel-9.2.4.8: crypto-5.0, erts-14.0, sasl-3.0, stdlib-5.0

ssh-5.1.4.9 #

The ssh-5.1.4.9 application can be applied independently of other applications on a full OTP 26 installation.

OTP-19625
Application(s):
ssh
Related Id(s):
CVE-2025-46712

Fix KEX strict implementation according to draft-miller-sshm-strict-kex-01 document.

Full runtime dependencies of ssh-5.1.4.9: crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0, stdlib-5.0

xmerl-1.3.34.3 #

The xmerl-1.3.34.3 application can be applied independently of other applications on a full OTP 26 installation.

OTP-19602
Application(s):
xmerl
Related Id(s):
PR-9753

A new option to discard whitespace before the xml tag when reading from a stream has been added to the Xmerl SAX parser.

-- {discard_ws_before_xml_document, Boolean} -- Discard whitespace before xml tag instead of returning a fatal error if set to true (false is default)

Full runtime dependencies of xmerl-1.3.34.3: erts-6.0, kernel-8.4, stdlib-2.5

Thanks To #

João Henrique Ferreira de Freitas, Lý Nhật Tâm